Invoking the FBI to spread malware

A Windows executable file, attached to an email that purports to come from the FBI, is the latest social engineering trick being used in an attempt to spread malware.

Malware is a shortened form of malicious software - programs designed specifically to damage or disrupt a system.

The email has the subject: Your IP was logged

It reads as follows:

Ladies and Gentlemen,

Downloading of Movies, MP3s and Software is illegal and punishable by law.

We hereby inform you that your computer was scanned under the IP 172.112.119.57. The contents of your computer were confiscated as an evidence, and you will be indicated.
You get the charge in writing, in the next days.
In the Reference code: #39395, are all files, that we found on your computer.

Well-known IT security consultant Richard Forno, who received one of these emails, said that while security professionals and most educated persons would recognise this as a scam, the average user was likely to cringe in fear at the mere hint that the FBI had targeted them for a "criminal case."

"Note the .cmd attachment to this email message - a Windows executable file (eg, malware) - cleverly disguised as the "Reference Code" to trick the recipient into opening it," he said.

Forno noted that the sender's spelling appeared to be somewhat awry as "indicated" was used instead of the correct word, "indicted".

"The name of the attached file is referenced in the body of the message; a curious user, in panic at being "contacted" by the "FBI" might open the attachment without thinking, having allowed fear to get the better of them," he said.

He pointed out that "Room 7350" and the address in the email were the same as those on the FBI's main website. However, there was no department at the FBI called the Department for Illegal Internet Downloads. "Incidentally, the 324-0000 number is the FBI HQ main switchboard," Forno said.

He also noted that downloading of movies, MP3s, and software was not illegal - downloading unlicensed or pirated copies of such items was against US law.

"It's clear the spammer is exploiting public ignorance of this policy issue, especially in light of the news-making and controversial RIAA lawsuits last year," he said.
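The two traits Forno describes, an executable .cmd attachment and body text that points the reader at it, can be checked mechanically at a mail gateway. The following is an added example, not part of the original article: the attachment name `39395.cmd`, the sender address, the extension list and the `triage` function are all assumptions made for illustration.

```python
import re
from email import message_from_string
from pathlib import PurePosixPath

# Extensions Windows will execute or interpret directly (non-exhaustive list).
RISKY_EXTENSIONS = {".cmd", ".bat", ".com", ".exe", ".pif", ".scr", ".vbs", ".js"}
# Constructed sample: the article does not give the attachment name,
# so "39395.cmd" (matching the quoted reference code) is an assumption.
SAMPLE = """\
From: "FBI" <constructed@example.invalid>
Subject: Your IP was logged
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain

In the Reference code: #39395, are all files, that we found on your computer.
--b1
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="39395.cmd"

echo constructed placeholder
--b1--
"""

def triage(raw):
    """Return a list of (filename, reasons) for suspicious attachments."""
    msg = message_from_string(raw)
    body = " ".join(
        part.get_payload() for part in msg.walk()
        if part.get_content_type() == "text/plain" and not part.get_filename()
    )
    findings = []
    for part in msg.walk():
        name = part.get_filename()
        if not name:
            continue
        reasons = []
        suffix = PurePosixPath(name.lower()).suffix  # last extension wins: a.pdf.cmd -> .cmd
        if suffix in RISKY_EXTENSIONS:
            reasons.append("executable extension " + suffix)
        stem = PurePosixPath(name).stem
        if stem and re.search(r"\b" + re.escape(stem) + r"\b", body):
            reasons.append("body text points reader at the attachment")
        if reasons:
            findings.append((name, reasons))
    return findings

if __name__ == "__main__":
    print(triage(SAMPLE))
```

Either reason alone is worth quarantining on; together they match the lure described here, where the message text steers a frightened reader toward opening the file.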